Information, tools and how-to's for the new intrusion analyst. Mentoring by blogging.
Thursday, November 13, 2008
Malzilla
This will be old news to many, I presume, but I came across a very nifty tool called Malzilla in a security list today. Turns out it's just what I've been looking for. Doing IDS analysis, you come across a lot of obfuscated code in various formats: Jscript, Hex encoded, Base64, shellcode and the like. I'd never found one tool to help me quickly work though this until I found Malzilla. Primarily a malware analysis tool, it deobfuscates all of the above as well as having a hex viewer, a Pscript tool, and a URL deobfuscater. Very nice, free, and open source. If interested, you can grab the W32 binaries package at http://sourceforge.net/projects/malzilla . Sweet! Many thanks to the author, Boban Spasic, as well as the other contributors to the project, found in the About tab of the tool.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment